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EXAMINER'S ANSWER 



This is in response to the appeal brief filed 21 February 2006. 
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(1) Real Party in Interest 
Hewlett Packard (Canada) 

(2) Related Appeals and Interferences 

Co-pending application 09/552,345 was on appeal, however it was re-opened and a new 
Non-Final rejection was mailed on 1 March 2006. 

(3) Status of Claims 

The statement of the status of the claims contained in the brief is correct. 

(4) Status of Amendments After Final 
No After Final Amendments were filed. 

(5) Summary of Invention 

The summary of invention contained in the brief is correct. 

(6) Issues 

The appellant's statement of issues in the brief is correct 

(7) Claims Appealed 

The copy of the appealed claims contained in the Appendix to the brief is correct. 

(8) Prior Art of Record 

US Patent: 6,178,505 ('505) Schneider et al. filed: 4 Mar. 1998 issued: 23 Jan. 2001 

(9) Grounds of Rejection 

The following grounds of rejection are appUcable to the appealed claims: 
Claims 5-1 1 are rejected under 35 U.S.C. 102(e). This rejection is set forth in a prior 
Office Action, mailed on 28 September 2005. 
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Regarding claim 5, the previously stated rejection is based upon U.S. Patent No. 
6,178,505 to Schneider et al. (hereinafter '505). 

As per the first limitation of claim 5, "A computer security service for a computer 
network accessible by users and comprising services and resources, the computer security 
service comprising" is taught in '505 col. 7, line 59 through col. 8, line 15, 

As per the second Umitation, "a policy builder component available to one or more 
policy managers for deflning access policies for the computer network users, services and 
resources" is shown in col. 8, Une 60 through col. 9, line 28; these paragraphs explain how the 
policy is built and that there are multiple pohcy administrators. 

As per the third Umitation, "a web-based delegated administration component 
accessible to users" is disclosed in *505 col. 25, Hnes 12-65 and col. 26, lines 31-49, these 
paragraphs describe the web-based GUI that provides the user or administrator the ability to 
modify the access poUcy. 

As per the fourth limitation, "for deflning access policies for the computer network 
users, services and resources the delegated administration component comprising a 
graphical user interface available to users for deflning said access policies" is taught in '505 
col 23, lines 15-65 and FIGS. 9 and 10; show a GUI representation of defining access policies 
for resources and delegated administration. 

As per the limitation of claim 6, "in which the delegated administration component is 
implemented as a service supported by the computer security service" is shown in *505 col. 
25, lines 12-18 and col. 26, lines 8-15; this section describes how the service type control can be 
another filter the user applies to the Resource List. 
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As per limitation of claim 7, "in which the graphical user interface comprises one or 
more HTML format pages accessible to users" is disclosed in '505 col. 25, lines 23-40; note a 
Java applet operating on a World Wide Web browser is equivalent to one or more HTML 
format pages. 

As per limitation of claim 8, "further comprising a delegated administration 
definition component for deflning delegated administration permissions for users whereby 
users are selectively enabled to use the delegated administration component to deflne access 
policies for specifled resources and users" is taught in '505 col. 31, line 17 through col. 32, 
line 8; this section of '505 shows how users can be administrators and relates policies relate a 
user to administrator to another user group, location, service, or another resource. 

As per hmitation of claim 9, "in which the delegated administration definition 
component further comprises a graphical user interface for displaying a grid having nodes, 
laid out on a first axis and on a second axis, each node corresponding to a variable set of 
users, potentially including the null set, for which delegated administration permissions are 
granted, the position of each node relative to the first and second axes in the grid defining 
the users and the resources, respectively, for which permissions are granted for the node" 
is shown in '505 col 31, lines 17-32, and col 22, lines 47-67; a GUI is shown in FIGS 9 and 10 
as well as described in the cited passages. 

As per Umitation of claim 10, "the graphical user interface further comprising an 
array of nodes relative to the second axis for defining specified users enabled to modify 
user data maintained by the computer security service, the position of each node in the 
array of nodes, relative to the first axis, defining the user data for which the modification of 
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data is enabled" is disclosed in '505 col. 31, lines 17-32 and FIGS 9 and 10, note the 
arrangement of nodes via x or y axis is something any Microsoft Excel or Access program allows 
when making graphs or table entry sheets. 

As per limitation of claim 1 1, this claim is directed to a computer readable program code 
of the computer security service of the above claims and is rejected along the same rationale. 
(10) Response to Arguments 

Regarding Appellant's argument 1, "Schneider does not disclose or suggest a system 
which comprises both of these recited elements, rather, Schneider shows non-web-based 
administrative user interface displays (901, 1001, 1101, and 1201) (Figures 9-12) which display 
users, resources, policies, and access filters, respectively, over which a user of the respective 
display has administrative authority (Column 22, lines 57-65 . . . Nowhere does Schneider 
disclose or suggest that these described display (901, 1001, 1101, 1201) are web-based". 

The grounds of rejection stated above show that the invention disclosed by Schneider 
does provide both a poUcy builder component and a web-based delegated administration 
component. In Schneider the access policies to resources can be dependent on location, user 
group, or established filter rules. These access poUcies can be defined by any user that is 
assigned to be an administrator of a particular user group, these user defined policies can be 
reviewed and managed, i.e. administered via the IntraMap described that is a web-based 
component. It is a web-based component because it runs on a browser that runs on the, World 
Wide Web, see '505 col. 25, lines 12-36 and col. 27, lines 39-42. In addition the web-based 
component utihze Policy Tables see col. 3 1, lines 17-67 and FIG. 16. 
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Regarding Appellant's second argument, "nowhere does Schneider disclose or suggest 
that this interface is capable of carrying out the recited features of "defining access policies for 
the computer network users, services, and resources". 

The grounds of rejection stated above show numerous ways Schneider shows the 
capability of defining access policies see col. 26, Hnes 3 1-49 and col. 27, lines 16-25; these 
paragraph explain how a user acting as an administrator updates the IntraMap display because 
the IntraMap acts like any other resource that a user with the correct usage rights can update. 

Regarding Appellant's third argument, "The Action further includes a Response to 
Arguments section (pages 2-4 of the Action which contends that Schneider at Column 25, lines 
12-65 teaches the "web~based" to set access poUcies accessible to user (Page 2, lines 1 1-13 of 
the Action) ... If is clear from this segment that in the sentence "the user sets" the word "set" is 
not a verb, but a noun which refers to the user access policy sets previously stored for the user. 
The word "set" in this sentence does not correspond to a verb and therefore does not disclose or 
suggest that a user is capable of using the described display to define access policies for users". 

The grounds of rejection shown above indicate that the IntraMap is web-based it runs on 
the World Wide Web and can be utilized to set policy see col. 26, lines 31-49 and col. 27, lines 
16-25. 

Regarding Appellant's fourth argument, "It appears the Action is reading this sentence 
out of context ... It is clear from this paragraph, that in the described other embodiment, the 
described display shows each user the resources that belong to the information sets that the user 
may access according to the "sensitivity level of the resource and trust level of the user's 
identification" as well as "the access poUcies for the user sets the user belongs to." Nowhere 
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does this paragraph in Schneider discloses or suggest "defining access poUcies" with the 
described IntraMap display". 

The grounds of rejected stated above as well as FIG. 25 as well as col. 26, lines 3 1-49 
and col. 27, hne 43 through col. 28, line 6 these section explain how the IntraMap is generated 
from the established poUcies of the user and location and how request to change the IntraMap are 
estabUshed. 

Regarding Appellant's fifth argument, "nowhere does Schneider disclose or suggest the 
alleged web-based IntraMap interface display (1801) is capable of defining access poHcies". 

The ground of rejection stated above show the IntraMap is used to define access policies 
see col. 27, line 43 through col. 28, line 6. 

Regarding Appellant's sixth argument, "In addition, Appellants respectfully submit that it 
would not be inherent in Schneider to include "a web-based delegated administration component 
accessible to users for defining access policies". 

The ground of rejection stated above show all the limitations in addition see FIGS. 9 
through 25. Note also a VPN is routinely connects users over the Internet. 

Regarding Appellant's seventh argument, "For example, Schneider specially teaches that 
the users must send an e-mail to an administrator when they which to have access to a particular 
resource (Column 25, lines 51-54). Thus users can acquire access to a new recourse by 
e-mailing an administrator who presumably has access to one of the non-web-based 
administrative display". 

The ground of rejection stated above show all the limitations furthermore Schneider 
discloses that a user may also be an administrator, in addition see FIGS 9 through 12 that explain 
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the feature on the IntraMap where a user can request information about new resources available 
see col. 26, lines 1-8, and e-mail is just one option available. 

Regarding Appellant's eighth argument, "nowhere does this portion. of Schneider or any 
other portion of Schneider disclose or suggest a web-based delegated administration component 
. . . that is implemented as a service supported by the computer security service." 

The ground of rejection stated above show all the limitations see col. 26, lines 8-15, 
which describe how the service type are related to the Resource List. 

Regarding applicant's ninth argument, "Claim 7 depends from claim 5 and recites that the 
graphical user interface comprises one or more HTML format pages accessible to users. 
Nowhere does Schneider disclose or suggest "a web-base delegated administration component" 
comprised of a graphical user interface that is comprised of HTML format pages". 

The ground of rejection stated above show all the limitations and applet running on the 
world-wide-web browser is equivalent to HTML format pages. 

Regarding applicant's tenth argument, "However, nowhere does this portion of Schneider 
disclose or suggest the recited "delegated administration definition component". 

The ground of rejection stated above shown above meet all the Umitations see col. 27, 
line 43 through col. 28, line 6. 

Regarding applicant's eleventh argument, "the Action has failed to show where 
Schneider discloses or suggest the recited "delegated administration definition component" 
which is capable of defining delegated administration permissions which selectively enable users 
to use a web-based delegated administration component to define access policies for specified 
resources and users. 
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The ground of rejection stated above shown above meet all the limitations see col. 27, 
line 43 through col. 28, line 6. 

Regarding applicant's twelfth argument, "Schneider does not disclose or suggest that 
theses displays have the features recited in claim 9 . . . . none .... shows the recited grid laid out on 
a first axis defining users and a second axis defining resources". 

The grounds of rejection stated above shown above meet all the limitations of providing 
GUI with X and y axis with user, resources, poUcies, and location. In addition review 
figures 9-18 in '505 that display a GUI that implements controlling access poUcies with respect 
to user, groups, location, and rules. 

For the above reasons, it is beUeved that the rejections should be sustained. 



Ellen Tran 
Patent Examiner 
Technology Center 2134 
26 May 2006 
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Respectfully submitted. 
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